} } else { $login_error = true; } } // end of brute-force check } if (!isset($pagelevel)) { // set default page level $pagelevel = 0; } // check client SSL certificate if required if (K_AUTH_SSL_LEVEL !== false and K_AUTH_SSL_LEVEL <= $pagelevel) { $sslids = preg_replace('/[^0-9,]*/', '', K_AUTH_SSLIDS); if (!empty($sslids)) { $client_hash = F_getSSLClientHash(); $valid_ssl = F_count_rows(K_TABLE_SSLCERTS, 'WHERE ssl_hash=\'' . $client_hash . '\' AND ssl_id IN (' . $sslids . ')'); if ($valid_ssl == 0) { $thispage_title = $l['t_login_form']; //set page title require_once '../code/tce_page_header.php'; F_print_error('ERROR', $l['m_ssl_certificate_required']); require_once '../code/tce_page_footer.php'; exit; //break page here } } } // check user's level if ($pagelevel) { // pagelevel=0 means access to anonymous user
/** * Check if user's IP is valid over test IP range * @param $test_id (int) Test ID * @return true if the client certifiate is valid, false otherwise */ function F_isValidSSLCert($test_id) { require_once '../config/tce_config.php'; require_once '../../shared/code/tce_functions_authorization.php'; global $db, $l; $test_id = intval($test_id); if (F_count_rows(K_TABLE_TEST_SSLCERTS, 'WHERE tstssl_test_id=' . $test_id) == 0) { // no certificates were selected for this test return true; } // get the hash code for the client SSl certificate $client_ssl_hash = F_getSSLClientHash(); // check if the client certificate is enabled for this test if (F_count_rows(K_TABLE_TEST_SSLCERTS . ', ' . K_TABLE_SSLCERTS, 'WHERE tstssl_ssl_id=ssl_id AND tstssl_test_id=' . $test_id . ' AND ssl_hash=\'' . $client_ssl_hash . '\' LIMIT 1') > 0) { return true; } return false; }